信息网络安全 ›› 2019, Vol. 19 ›› Issue (1): 27-33.doi: 10.3969/j.issn.1671-1122.2019.01.004

• 技术研究 • 上一篇    下一篇

一种改进的基于认证测试的形式化分析方法

姚萌萌(), 朱正超, 刘明达   

  1. 江南计算技术研究所,江苏无锡 214063
  • 收稿日期:2018-09-19 出版日期:2019-01-20 发布日期:2020-05-11
  • 作者简介:

    作者简介:姚萌萌(1982—),男,山东,博士研究生,主要研究方向为网络安全;朱正超(1974—),男,湖南,高级工程师,硕士,主要研究方向为信息安全;刘明达(1991—),男,山东,博士研究生,主要研究方向为区块链技术。

  • 基金资助:
    国家自然科学基金[91430214, 6732018];核高基重大专项[2017ZX01028101]

An Improved Formal Analysis Method Based on Authentication Tests

Mengmeng YAO(), Zhengchao ZHU, Mingda LIU   

  1. Jiangnan Institute of Computing Technology, Wuxi Jiangsu 214063, China
  • Received:2018-09-19 Online:2019-01-20 Published:2020-05-11

摘要:

近年来,认证测试定理得到了改进,并应用于各种安全协议的分析。但是这些改进定理在应用范围和准确性方面存在一定的缺陷。针对这些缺陷,文章提出了一种改进的输入测试定理及加密测试定理,并给出了改进定理的证明。通过分析认证测试中常规节点的判定、证明过程中的错误、参数一致性证明过程中的不准确性和错误,指出了认证测试在使用过程中的缺陷。基于这些缺陷,文章提出了一种改进的基于认证测试的形式化分析方法——递归测试,并通过该方法证明了BAN-Yahalom协议。分析结果表明,该方法扩大了认证测试使用范围,且可以有效地、准确地分析安全协议。

关键词: 串空间, 认证测试, 形式化分析方法, 安全协议

Abstract:

In recent years, authentication tests has been improved and applied to the analysis of various security protocols. However, these improvement theorems also have certain defects in terms of application scope and accuracy. In response to these defects, in this paper, improved incoming test theorem and encryption test theorem are proposed, and proof of the improvement theorem is given. This paper points out the defects of the authentication test in use by analyzing the judgment of the normal nodes in the authentication test, the errors in the proof process, and the inaccuracies and errors in the process of parameter consistency verification. Based on these defects, an improved formal analysis method recursion test is proposed. This method is used to prove BAN-Yahalom protocol, the result proves this method has expanded the scope of the use of authentication tests, and can analyze the security protocol effectively, accurately.

Key words: strand space, authentication tests, formal analysis method, security protocol

中图分类号: